Known-exploit detection for the kernel

Posted Dec 19, 2013 23:16 UTC (Thu) by Trou.fr (subscriber, #26289)
In reply to: Known-exploit detection for the kernel by iq-0
Parent article: Known-exploit detection for the kernel

I perfectly understand the reasoning. But I think this is quite representative of the current mindset of developpers regarding security : no consideration for effective measure and it sometimes seems no consideration for actual security.

The single "recent" feature which led to actual security improvements in the kernel I can think of is seccomp-bpf, which is a brilliant and very efficient idea.

As you said, developpers would probably turn their attention to something else entirely. If only some grsec features could be included in the kernel.

Known-exploit detection for the kernel

Posted Dec 25, 2013 23:02 UTC (Wed) by nix (subscriber, #2304) [Link] (2 responses)

If only some grsec features could be included in the kernel.

That seems unlikely to happen while the grsec people remain incapable of working with other people or taking criticism of any kind without blowing up like two-year-olds. (Apologies to my two-year-old niece, who blows up very rarely and is usually quite charming and sweet.)

Known-exploit detection for the kernel

Posted Dec 25, 2013 23:56 UTC (Wed) by PaXTeam (guest, #24616) [Link] (1 responses)

did you move to the southern hemisphere recently? i can't think of many other places where it's hayfever season. keep up the nonsense and spender and i wish you a merry christmas (try without the drugs though).

Known-exploit detection for the kernel

Posted Dec 26, 2013 22:22 UTC (Thu) by nix (subscriber, #2304) [Link]

... aand my point is proved. I'd rather bite my own nose off than work with people this nasty.